Searching Kubernetes Logs Without A Logging Platform
Searching through pod logs on Kubernetes can be more challenging without a centralized logging platform like Datadog or Splunk.
Here’s how you can do it with
You can use
kubectl to get logs for multiple containers by using their label:
kubectl logs -n kube-system -l k8s-app=kube-dns
To search the logs, just pipe it to
kubectl logs -n kube-system -l k8s-app=kube-dns | grep -i "error"
If you would like to get a live tail and follow the logs, you can use the
kubectl logs -f -n kube-system -l k8s-app=kube-dns
Then, you can pipe it into grep with
--line-buffered for continuous output:
kubectl logs -f -n kube-system -l k8s-app=kube-dns | grep --line-buffered -i "error"
Note that there’s a default limit of 5 containers when using the follow flag
You can get around this by setting
n is the number of containers you’d like to follow logs for.
Like what you've read?
If you're an engineering leader or developer, you should subscribe to my 80/20 DevOps Newsletter. Give me 1 minute of your day, and I'll teach you essential DevOps skills. I cover topics like Kubernetes, AWS, Infrastructure as Code, and more.
Not sure yet? Check out the archive.
Unsubscribe at any time.